Commit 4805e2f0 authored by Henrik Riomar's avatar Henrik Riomar Committed by Leonardo Arena
Browse files

main/xen: add fix for XSA-377

This is CVE-2021-28690
parent d9a72688
......@@ -218,6 +218,7 @@ options="!strip"
# - CVE-2021-28693 XSA-372
# - CVE-2021-28692 XSA-373
# - CVE-2021-0089 XSA-375
# - CVE-2021-28690 XSA-377
case "$CARCH" in
x86*)
......@@ -289,6 +290,8 @@ source="https://downloads.xenproject.org/release/$pkgname/$pkgver/$pkgname-$pkgv
xsa375-4.13.patch
xsa377.patch
hotplug-Linux-iscsi-block-handle-lun-1.patch
xenstored.initd
......@@ -552,6 +555,7 @@ bb04c86c57058b674237d6d81b8a5a600e39e6c2144ae72b7312ee7e72d4305c5fa4b8d5194a0aec
1c93e62bfeb8ed0d5fe6db10baebc00cf54f7a6e2255f53e2770220db86c69fe46dd2fac17502d9da2109a60c93d8703b9bb618977cfe0e9919659f133f87c8d xsa373-4.13-4.patch
8fb77d16b60efa4307c0008c8773a9d5341f1b0577c6de46fe6e5630a7243c7b2eb55089a1ce778e4ed03ebf29fad69042746121b50cb953016e95a60549a728 xsa373-4.13-5.patch
9e354ab79cc182ca71c1d60be18b207c0254f35cf89f5020791d98a081bafc0a84ae7320ceb9c6215ccc4846e2daa258f72f577268bda84f5c7153e0bc03cabb xsa375-4.13.patch
9c104793facd9d595a1cbca21034d700e7e25398cad1440131258a349cd60d6145e5847e9c4bd066a5d63a63aceb8995456126a51b6d3ca872cd90717ebc2dbe xsa377.patch
8c9cfc6afca325df1d8026e21ed03fa8cd2c7e1a21a56cc1968301c5ab634bfe849951899e75d328951d7a41273d1e49a2448edbadec0029ed410c43c0549812 hotplug-Linux-iscsi-block-handle-lun-1.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd
......
From: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: x86/spec-ctrl: Mitigate TAA after S3 resume
The user chosen setting for MSR_TSX_CTRL needs restoring after S3.
All APs get the correct setting via start_secondary(), but the BSP was missed
out.
This is XSA-377 / CVE-2021-28690.
Fixes: 8c4330818f6 ("x86/spec-ctrl: Mitigate the TSX Asynchronous Abort sidechannel")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
diff --git a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c
index 91a8c4d0bd..31a56f02d0 100644
--- a/xen/arch/x86/acpi/power.c
+++ b/xen/arch/x86/acpi/power.c
@@ -288,6 +288,8 @@ static int enter_state(u32 state)
microcode_update_one();
+ tsx_init(); /* Needs microcode. May change HLE/RTM feature bits. */
+
if ( !recheck_cpu_features(0) )
panic("Missing previously available feature(s)\n");
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment